My good friend Alex Kornbrust has added an advisory for Critical Patch Update (CPU) - January 2005
to his website. The advisory is titled "Buffer Overflow in Create Database Link in Oracle8i - 9i" and details a bug Alex found in April 2003. Alex has found that any user with the ability to create a DATABASE LINK can crash the database. The workaround Alex suggests is to revoke the CREATE DATABASE LINK system privilege from the CONNECT role.
I would suggest a better solution is to revoke the CONNECT ROLE from all users that have been granted it and to then create a more realistic connect role for general users and grant that instead. You can find which users have CREATE DATABASE LINK system privileges with my script who_has_priv.sql
and you can also find out who has been granted the CONNECT ROLE
with my script who_has_role.sql
More about Alex's site later.